x509certificate2

问题 We have some unit tests which have PFX certificates embedded in them. These certificates are read during test execution and turned into X509Certificate2 objects. Unfortunately, when run as an unprivileged user, we get Access Denied exceptions: using (var s = EmbeddedResourceUtilities.GetEmbeddedResourceAsStream(typeThatContainsEmbeddedResource, certFileName)) { if (s == null) { throw new ApplicationException(String.Format("Embedded certificate {0} for type {1} not found.", certFileName,

问题 I've written an ASP.NET Core 2.0 website in C# and have Facebook authentication enabled, so it requires HTTPS. I'm using the native Kestrel web server to host the site and have a listener set to take the PFX certificate per MS' documentation. I can't seem to find a way for Kestrel to recognize the private key after recall from Key Vault. I know it's present, as I wrote two debug statements that indicate it is, in fact present. This is the function that I'm using to retrieve the secret, which

问题 I have this code: X509Chain x509Chain = new X509Chain(); x509Chain.ChainPolicy.ExtraStore.Add(certificate1); x509Chain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck; x509Chain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot; x509Chain.Build(certificate2); foreach (X509ChainElement x509ChainElement in x509Chain.ChainElements) { Log("Name: " + x509ChainElement.Certificate.GetNameInfo(X509NameType.SimpleName, false)); foreach (X509ChainStatus x509ChainStatus in

问题 I am trying to generate an X509Certificate2 object using the Microsoft AES Cryptographic Provider: CALG_AES_256 (0x00006610) 256 bit AES. This algorithm is supported by the Microsoft AES Cryptographic Provider. My problem is that my call to CryptGenKey(providerContext, 0x6610, 0x4000001, out cryptKey) fails with the following error: An unhandled exception of type 'System.Runtime.InteropServices.COMException' occurred in mscorlib.dll Additional information: Invalid flags specified. (Exception

问题 I am trying to use X509Certificate2.CreateFromCertFile() method in an ASP.NET Core application, but it seems like it's not supported for .NET Core. Is there an alternative way of creating an X509Certificate2 object from a cert/pfx file? 回答1: Maybe something like this? public Certificate CreateFromCertFile() { string cerFile = @"c:\cer.txt"; string keyFile = @"c:\key.txt"; var cert = new X509Certificate2(cerFile); cert.PrivateKey = CreateRSAFromFile(keyFile); return cert; } private

问题 I'm developing ASP.NET 4.0 web application, and I want to read the current user certificates from X509Store. Reading the LocalMachine certificates works fine, but if I set the StoreLocation to CurrentUser, it gives me an empty collection. The following code works fine : X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine); // StoreLocation.CurrentUser store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly); I've checked my personal store (via certmgr.mmc) and I'm sure

问题 I am working with Flurl to hit an API that requires certificate-based authentication. I have seen from this SO post that adding a certificate to a WebRequestHandler and instructing an HttpClient to use this handler is easy. However, it is not so clear for me using Flurl. I have tried the follwing three things. Extending DefaultHttpFactory I first suspected that I needed to create my own X509HttpFactory : DefaultHttpFactory which would create the handler and assign it to the HttpClient .

问题 I have a self signed root certificate that I generated in C# using CERTENROLL.dll's CX509CertificateRequest Certificate functionality. I would like to write a function that generates client certificates signed by my root using the same API. However the only CertEnroll option I can find that does not generate a self signed certificate requires a authenticated CA. There seems to be a flag for setting a SignerCertificate but it always fails to initialize. //Initialize cert var cert = new

问题 I'm unit testing a .NET application; some of the unit tests involve programmatically generating X509Certificate2 objects. I don't care about actual signing/private key/validation stuff, I'd just like to have an object that doesn't throw exceptions when its fields are examined. I tried using the parameterless constructor, but then a whole bunch of fields throw exceptions when accessed. As seen in the debugger: SubjectName = '(new System.Collections.Generic.Mscorlib_CollectionDebugView(result

问题 I'm trying to use an OpenSSL code in my .Net program. Here's the code: openssl pkcs12 -in "My PassKit Cert.p12" -clcerts -nokeys -out certificate.pem openssl pkcs12 -in "My PassKit Cert.p12" -nocerts -out key.pem smime -binary -sign -signer certificate.pem -inkey key.pem -in manifest.json -out signature -outform DER I tried to use .Net OpenSSL, but I absolutely have no idea how to use it, and I couldn't find a good documentation for it. I decided to use .Net to perform the same sign process,